Update go dependencies #120

Workflow file for this run

	# This workflow uses actions that are not certified by GitHub.
	# They are provided by a third-party and are governed by
	# separate terms of service, privacy policy, and support
	# documentation.

	# GitHub recommends pinning actions to a commit SHA.
	# To get a newer version, you will need to update the SHA.
	# You can also reference a tag or branch, but the action may change without warning.

	name: Create and publish a Docker images

	on:
	push: {}

	env:
	REGISTRY: ghcr.io
	IMAGE_BASE_NAME: ${{ github.repository_owner }}

	jobs:
	build-and-push-image:
	runs-on: ubuntu-latest
	permissions:
	contents: read
	packages: write
	strategy:
	matrix:
	app:
	- name: web_proxy
	- name: static_datastore_builder
	- name: public_node
	env:
	OUTPUTS_DIR: /tmp/outputs

	steps:
	- name: Checkout repository
	uses: actions/checkout@v3

	- name: Log in to the Container registry
	uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9
	with:
	registry: ${{ env.REGISTRY }}
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Set up QEMU
	uses: docker/setup-qemu-action@v2

	- name: Set up Docker Buildx
	id: buildx
	uses: docker/setup-buildx-action@v2

	- name: Docker meta
	id: meta
	uses: docker/metadata-action@v4
	with:
	images: \|
	"${{ env.REGISTRY }}/${{ env.IMAGE_BASE_NAME }}/${{ matrix.app.name }}"
	tags: \|
	type=ref,event=branch,prefix=branch-
	type=semver,pattern={{version}}
	type=semver,pattern={{major}}.{{minor}}

	- name: Build and push
	id: build_and_push
	uses: docker/build-push-action@v4
	with:
	context: .
	file: build/docker/Dockerfile.${{ matrix.app.name }}
	platforms: linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/riscv64
	push: ${{ github.event_name != 'pull_request' }}
	tags: ${{ steps.meta.outputs.tags }}
	labels: ${{ steps.meta.outputs.labels }}

	- name: Prepare artifacts
	run: \|
	mkdir -p "$OUTPUTS_DIR"
	jq -c '{
	"${{ matrix.app.name }}": (
	"${{ env.REGISTRY }}/${{ env.IMAGE_BASE_NAME }}/${{ matrix.app.name }}@" + .["containerimage.digest"]
	)
	}' <<EOF >> "$OUTPUTS_DIR/image"
	${{ steps.build_and_push.outputs.metadata }}
	EOF

	- name: Upload artifacts
	uses: actions/upload-artifact@v2
	with:
	name: image_${{ matrix.app.name }}
	path: ${{ env.OUTPUTS_DIR }}/image

	images:
	runs-on: ubuntu-latest
	needs: build-and-push-image
	env:
	OUTPUTS_DIR: /tmp/outputs
	outputs:
	images: ${{ steps.images.outputs.images }}

	steps:
	- uses: actions/download-artifact@v3
	with:
	path: /tmp/outputs
	- run: ls /tmp/outputs \|\| true
	- run: cat /tmp/outputs/*/image \|\| true
	- id: images
	run: echo "images=$( cat /tmp/outputs/*/image \| jq -sc add )" >> "$GITHUB_OUTPUT"

	test-docker-images:
	runs-on: ubuntu-latest
	permissions:
	contents: read
	packages: read
	needs: images

	strategy:
	matrix:
	arch:
	- linux/amd64
	- linux/arm/v6
	- linux/arm/v7
	- linux/arm64
	- linux/riscv64

	env:
	IMG_STATIC_DATASTORE_BUILDER: ${{ fromJSON(needs.images.outputs.images).static_datastore_builder }}
	IMG_PUBLIC_NODE: ${{ fromJSON(needs.images.outputs.images).public_node }}
	IMG_WEB_PROXY: ${{ fromJSON(needs.images.outputs.images).web_proxy }}
	NETWORK_NAME: "cinode/${{ matrix.arch }}"

	steps:
	- name: Dump docker images info
	run: \|
	jq . <<EOF
	${{ needs.images.outputs.images }}
	EOF

	- name: Checkout repository
	uses: actions/checkout@v3

	- name: Log in to the Container registry
	uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9
	with:
	registry: ${{ env.REGISTRY }}
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Set up QEMU
	uses: docker/setup-qemu-action@v2

	- name: Compile simple dataset
	run: \|
	mkdir /tmp/cinode

	docker run \
	--platform "${{ matrix.arch }}" \
	--rm \
	--interactive \
	--read-only \
	--volume "/tmp/cinode:/tmp" \
	--volume "$(pwd)/testvectors:/data:ro" \
	--user $(id -u ${USER}):$(id -g ${USER}) \
	"$IMG_STATIC_DATASTORE_BUILDER" \
	compile \
	--source /data \
	--destination /tmp/encrypted \
	> /tmp/cinode/compile_result.json

	- name: Create docker network
	run: \|
	docker network create "$NETWORK_NAME"

	- name: Run public datastore node
	run: \|
	docker run \
	--platform "${{ matrix.arch }}" \
	--detach \
	--read-only \
	--network "$NETWORK_NAME" \
	--volume "/tmp/cinode/encrypted:/data:ro" \
	--env CINODE_MAIN_DATASTORE=/data \
	--name datastore \
	"$IMG_PUBLIC_NODE"

	- name: Run web proxy
	run: \|
	docker run \
	--platform "${{ matrix.arch }}" \
	--detach \
	--read-only \
	--network "$NETWORK_NAME" \
	--env CINODE_ENTRYPOINT="$( cat /tmp/cinode/compile_result.json \| jq -r .entrypoint )" \
	--env CINODE_ADDITIONAL_DATASTORE_1="http://datastore:8080/" \
	--name web_proxy \
	"$IMG_WEB_PROXY"

	- name: Inspect docker environment
	run: docker ps

	- name: Check if can fetch files from cinode proxy
	run: \|
	docker run \
	--rm \
	--interactive \
	--network "$NETWORK_NAME" \
	--read-only \
	--mount type=tmpfs,destination=/tmp \
	--volume "$(pwd)/testvectors:/data:ro" \
	--user $(id -u ${USER}):$(id -g ${USER}) \
	curlimages/curl \
	sh \
	-c '
	set -euo pipefail
	cd /data
	while read f; do
	FILE_HASH="$( cat "$f" \| sha256sum )"
	WEB_HASH="$( curl -s "http://web_proxy:8080/${f}" \| sha256sum )"
	echo "${FILE_HASH} ${f}"
	diff <( echo "$FILE_HASH" ) <( echo "$WEB_HASH" )
	done < <( find . -type f -print )
	'

	- name: Dump datastore logs
	if: always()
	run: docker logs datastore

	- name: Dump web_proxy logs
	if: always()
	run: docker logs web_proxy

	- name: Inspect docker environment
	if: always()
	run: docker ps

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update go dependencies #120

Workflow file

Update go dependencies #120

Jobs

Run details

Workflow file for this run